However, the constraint I have is that the actual java program will not have the two lines to set the headers. Can I achieve the exact same effect of these lines using mod_rewrite? I have so far tried -

From this, when I use java to set the variables, the resulting page shows, among other things,

HTTP_PASSWORD="myuser"HTTP_USERID="mypassword"

With the [env=HTTP_userid:myuser,env=HTTP_password:mypassword,L] rule, I get

HTTP_password="mypassword"HTTP_userid="myuser"

and with [env=userid:myuser,env=password:mypassword,L] the page shows -

password="mypassword"userid="myuser"

The problem is coming in because the request is processed by a third party SSO module which accepts the credentials, among other places via header variables. With the java program setting the headers, this is working too. However, with the mod_rewrite approach, the credentials are not found by the SSO module which responds with the form challenge as a result. Only if I pass the credentials some other way am I let in to see that mod_rewrite does seem to set the headers but not in the way that the java code does.